CVE-2017-20233

MEDIUM

Hirschmann HiLCOS Layer-2 Firewall Multicast Broadcast Traffic Bypass

Title source: cna
STIX 2.1

Description

Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correctly filter IPv4 multicast and broadcast traffic when management IP address filtering is disabled, allowing configured filter rules to be bypassed. Attackers with network access can inject or observe multicast and broadcast packets that should have been blocked by the firewall.

Scores

CVSS v3 5.4
EPSS 0.0020
EPSS Percentile 10.5%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-284
Status published
Products (5)
Belden/Hirschmann HiLCOS BAT867
Belden/Hirschmann HiLCOS BAT867 < 9.14.5500-REL
Belden/Hirschmann HiLCOS OpenBAT, BAT450, WLC
Belden/Hirschmann HiLCOS OpenBAT, BAT450, WLC < 9.10.5126-REL
Belden/Hirschmann HiLCOS OpenBAT, BAT450, WLC < 9.12.5500-REL
Published Apr 03, 2026
Tracked Since Apr 04, 2026